General
-
Target
14df89f17160356ba6b5ac4927229e90028507644c45f2ecd23c5fa3d441f34c
-
Size
523KB
-
Sample
210907-r1xlyagacp
-
MD5
bf9323b2ef7c4b2d54ec902b1d466cb5
-
SHA1
fa0c59349ad7c1e38f4e021cc72bfc8abfcb30ac
-
SHA256
14df89f17160356ba6b5ac4927229e90028507644c45f2ecd23c5fa3d441f34c
-
SHA512
142cfc51b34122674f183e15318a9642fc30d66c2c6d5cd79f7f7650ddd18d1fa75014d6735a5df5272fa21855fd8f4e8b9d30e02af1399d0c4525bcec40fe4d
Malware Config
Extracted
raccoon
93d3ccba4a3cbd5e268873fc1760b2335272e198
-
url4cnc
https://telete.in/opa4kiprivatem
Targets
-
-
Target
14df89f17160356ba6b5ac4927229e90028507644c45f2ecd23c5fa3d441f34c
-
Size
523KB
-
MD5
bf9323b2ef7c4b2d54ec902b1d466cb5
-
SHA1
fa0c59349ad7c1e38f4e021cc72bfc8abfcb30ac
-
SHA256
14df89f17160356ba6b5ac4927229e90028507644c45f2ecd23c5fa3d441f34c
-
SHA512
142cfc51b34122674f183e15318a9642fc30d66c2c6d5cd79f7f7650ddd18d1fa75014d6735a5df5272fa21855fd8f4e8b9d30e02af1399d0c4525bcec40fe4d
Score10/10-
Raccoon
Simple but powerful infostealer which was very active in 2019.
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of local email clients
Email clients store some user data on disk where infostealers will often target it.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-